[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: crossCertificatePair, what exactly should the contents be?
In message <20021118.191210.50580257.levitte@stacken.kth.se> on Mon, 18 Nov 2002 19:12:10 +0100 (CET), Richard Levitte - VMS Whacker <levitte@stacken.kth.se> said:
levitte> It looks like there's a draft that would define the syntax a little
levitte> better: draft-ietf-pkix-ldap-pki-schema-00.txt. It basically says
levitte> that the value "is the octet string that results from the BER/DER-
levitte> encoding an X.509 public key certificate pair". However, I still
levitte> don't know what a "public key certificate pair" exactly is in this
levitte> context. Is it a "SEQUENCE { issuedToThisCA Certificate,
levitte> issuedByThisCA Certificate }" or what?
Looks like I guessed correctly, at least judging (sp?) from the X.509
4th Edition draft V6 I found, where CertificatePair is defined like
this:
CertificatePair ::= SEQUENCE {
forward [0] Certificate OPTIONAL,
reverse [1] Certificate OPTIONAL,
-- at least one of the pair shall be present -- }
It's to wonder why this isn't specified in RFC 3280...
--
Richard Levitte \ Spannvägen 38, II \ LeViMS@stacken.kth.se
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- poei@bofh.se
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.